IT security tips for students

Security awareness is essential in this modern world, as there are many new scams and exploits being released every day. Being aware of good security practices can make you less vulnerable to these scams.

Here are our top ten tips of being safe online:

1. Password Protect Everything

On many mobile devices enabling a password or PIN actually triggers encryption on the device. This adds yet another layer of security, making personal information unreadable and unrecoverable by anyone who does not know the password.

For your computer a password adds a basic defense against unauthorized access. If you are storing sensitive information a password is not enough, and a skilled thief could easily crack your password.

Top Tip: Don’t use the same password on multiple accounts because if one of them gets compromised all your accounts are vulnerable.

2. Create Complex Passwords

Make sure the passwords you create are complex (at least 8 characters, more is better) and never share them with anyone. You must change your password from the default one assigned to you as the default password can be cracked by the average desktop PC is only 15 hours. For more information about your student password: Student Username and Password: What is my username or password?

Top Tip: Make your password something difficult to guess, include upper and lower case letters as well as numbers and never tell anyone your password.

3. Don’t Open Unknown Email Attachments or Links

If someone emails you an attachment and you were not expecting it, do not open it, as even a PDF file can hide malware inside.

Never click any unknown links in emails, they may not lead where you think. If in doubt visit the site mentioned directly (by typing the address you know to be correct into your browser), and check your account information from there.

The University will never email you to tell you that you require an account upgrade, verification or migration. As long as you are a student here, you will have an account whether you check your email or not.

4. Use Secure Wifi

Using Secure Wifi basically protects your internet connection from potential eavesdroppers. It creates a secure (encrypted) connection for you so your internet activity is private. Conversely, by browsing on open or unsecured wifi networks, your data is not encrypted, or protected, and can be easily snooped and viewed by others on the network. To find out how to access secured OCADU wifi see: Wireless: How Do I Connect To OCADU Wifi?

Top Tip: When setting up wifi at home, always choose WPA 2 password strength to add password protection to your network making it secure.

5. Use Privacy Settings on Social Media

Social media can provide a lot of private information to the public. This includes where you go to school, your mother’s maiden name, when you are home and not, home town, etc. etc. This information is often used in security questions for online banking. Search engines often list personal social media pages. And this information is often used by criminals in theft, phone scams, or other attempts to separate you from your cash.

Top Tip: For a quick test, sign out of your social media account and Google your own name, and assess what information comes up. The information you see is available to everyone, potential employers, professors and criminals.

6. Always Log Out

When you are finished using an online account, simply log out. If you do not log out you are allowing others to access your information through your own account. It does not matter how complex your password is in public places if you do not log out, you are potentially allowing any other person in that area full access to the account logged on – without any effort from them.

*This includes logging out of OCADU campus computers. Not shutting down programs properly, printing files, or other computer processes can interrupt the logout or shutdown of a computer. This potentially allows others to access your print account, files or browser data. WAIT until you see that you have been successfully logged out of the computer.

Top Tip: Closing your browser does not always end your session. To be sure, always log out! If there is no obvious means to log out, close your browser and shut down or restart the computer.

7. Check for Https

If you are entering personal information into a website (username, password, contact details etc.) you should check that the site has “https” in the address bar. This means the connection to the site is encrypted and the information you are entering is secure. It prevents potential eavesdroppers from reading your information as you enter it.

Top Tip: Your browser will also show a padlock icon if the site you are visiting is secure.

8. Malware = Malicious Software

Malware comes in many forms, and can target both computers (Windows and Macs) and mobile devices. In mobile devices, always check the permissions on app downloads to make sure you are not downloading a malicious application. Never jailbreak, sideload or install any applications outside of the App Store.

Make sure to keep your computer updated. Mac computers also get viruses, and users should be aware that they are not excluded from malicious software attacks. You should keep up to date with OS updates and patches.

If you suspect you are in the midst of a malware attack, immediately shut down your computer and contact the IT Helpdesk (x277) or the Laptop Helpdesk (x444). Ensure your computer has been properly assessed and remedied of the malware/compromise before you resume using it.

Top Tip: When you download any exe, dmg, rar, or zip file, right click on the file and select “scan for threats” to scan the file with Symantec Anti-Virus before opening.

9. Use Anti-Virus Software

Using an Anti-virus will protect your machine from getting infected if you download malware accidentally. Anti-virus software should be considered a last line of defense, and will not protect against poor computer security practices, this is because an anti-virus can only protect against known viruses, poor passwords, visiting unsecured sites and scam emails will not be detected by an Anti-virus. Mac computers should also have an Anti-virus installed, as they are vulnerable to virus infection as well.

Top Tip: Symantec Anti-virus is installed on some laptops of students in the Laptop Program and all campus computers.

10. Download from Trusted Sources

Make sure to check the feedback from others before installing new apps or programs. When looking for mobile applications do not slide load applications or jail break your device. Always download from the official app store, and check reviews and permissions before installing applications. On computers, when possible download the software directly from a trusted source, such as an official distribution page, or a well-known software repository. Always be wary when installing and fully read all install pages to make sure extra toolbars and programs are not installed.

Top Tip: Any site offering an expensive piece of software for free is likely not legitimate, many browsers will give you a warning when visiting a problem site – heed the warning!